CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNNVD•added 2026/05/14 12:0 a.m.•7 views

HRConvert2 操作系统命令注入漏洞

HRConvert2 is a self-hosted, drag-and-drop file conversion and sharing tool developed by Justin Grimes. Versions of HRConvert2 prior to 3.3.8 had an operating system command injection vulnerability. This vulnerability stemmed from the sanitizeString function not filtering escaped quotes and tabs,...

9.3CVSS5.9AI score0.00062EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-24833

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00108EPSS

Exploits0References2

CNNVD•added 2025/09/10 12:0 a.m.•2 views

Indico 安全漏洞

Indico is a feature-rich event management system from Indico Open Source. A security vulnerability exists in Indico versions prior to 3.3.8, which stems from improper access checking and could lead to unauthorized retrieval of another user's personal data...

4.3CVSS6.3AI score0.00053EPSS

Exploits0References2

RedhatCVE•added 2025/08/16 12:16 a.m.•6 views

CVE-2025-27846

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...

4.3CVSS7.2AI score0.00108EPSS

Exploits0References1

RedhatCVE•added 2025/08/16 12:16 a.m.•13 views

CVE-2025-27847

In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout...

4.3CVSS7.3AI score0.00108EPSS

Exploits0References1

Cvelist•added 2025/08/14 12:0 a.m.•6 views

CVE-2025-27846

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...

0.00108EPSS

Exploits0References2

Vulnrichment•added 2025/08/14 12:0 a.m.•2 views

CVE-2025-27846

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...

6.9AI score0.00108EPSS

Exploits0References2

Vulnrichment•added 2025/08/14 12:0 a.m.•2 views

CVE-2025-27847

In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout...

7AI score0.00108EPSS

Exploits0References2

CNVD•added 2017/10/24 12:0 a.m.•2 views

LetoDMS Cross-Site Request Forgery Vulnerability

LetoDMS is a document management system based on PHP+MySQL development. A cross-site request forgery vulnerability exists in LetoDMS versions prior to 3.3.8, which can be exploited by remote attackers to hijack a victim's authentication...

8.8CVSS6.9AI score0.00147EPSS

Exploits0References1

Positive Technologies•added 1970/01/01 12:0 a.m.•2 views

PT-2007-7502 · Qt +1 · Libqt3C102-Mt-Sqlite +38

Name of the Vulnerable Software and Affected Versions: libqt3-mt-dev versions prior to 3.3.8 libqt3c102-mt-ibase versions prior to 3.3.8 qt3-dev-tools versions prior to 3.3.8 libqt3c102-mt-mysql versions prior to 3.3.8 libqt3c102-mt-psql versions prior to 3.3.8 libqt3c102-mt-odbc versions prior t...

7.5CVSS7AI score0.13078EPSS

Exploits0References89

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by